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Art Unit: 26 1 9 

DETAILED ACTION 
Claim Rejections - 35 USC § 1 12 

1 . The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

2. Claim 1 4 is rejected under 35 U.S.C. 1 1 2, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

3. Claim 1 4 recites the limitation "the transmitting device ". There is insufficient 
antecedent basis for this limitation in the claim. It is noted that claim 6, in which the 
source generates a time out when no response is received, is similar to claim 1 4. 
Therefore, for the purposes of examination, claim 1 4 is interpreted as having the same 
features as claim 6. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in ( I) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
35 1 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 
2 1 (2) of such treaty in the English language. 

5. Claims 1 -4, 7- 1 2, and 15-18 are rejected under 35 U.S.C 1 02(e) as being 
anticipated by Green etal. (US 2004/0022257 A 1). 
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6. Regarding claim 1 , Green et al. discloses a method of preventing a first partition 
of a partitionable computer system from transmitting a packet to a second partition of 
the partitionable computer system comprising: 

a . Receiving the packet from the first partition by a routing device the packet 
comprising a source address and a destination address ( Paragraph 0049, see 
"...the router logic receives a valid IB packet.. .router logic determines if the DLID 
[destination local identifier, i.e. destination address]. ..further determines if the 
SLID [source local identifier, i.e. source address]..."; Abstract, see 

"...router.. .between separate subnets...", i.e. one of the subnets is the first 
partition); 

b. Determining if the packet is allowed to be received by the destination 
address [Paragraph 0059, see "...router logic verifies the access properties of the 
SGID and DGID [e.g. whether they are in the same partition and are allowed to 
communicate with each other]..."); 

c. Prohibiting transmission of the packet to the destination address when the 
destination address is not allowed to receive the packet [Paragraph 0059, see 
"...access properties are not valid [i.e. destination address is not allowed to receive 
the packet], the packet is dropped [i.e. prohibiting transmission of the packet]..."). 

7. Regarding claim 2, Green et al. discloses that the determining comprises 
comparing the destination address to a set of addresses in a routing table (Paragraph 
0056, see "...destination GID [DGID] [i.e. destination address] is provided to a 'lookup 
table' [i.e. set of addresses in routing table]..."; Paragraph 0059, see "...router logic tests 
the results of the table lookup to determine if a match was found...", i.e. comparing). 



Art Unit: 26 1 9 

8. Regarding claim 3, Green et al. discloses that the determining comprises indexing 
a bit mask (Paragraph 0056, see "...table is...implemented as a B-tree search in parallel 
with a hash table index search [i.e. indexing a bit mask] to minimize the number of 
lookups..."). 

9. Regarding claim 4, Green et al. discloses that the prohibiting comprises dropping 
the packet {Paragraph 0059, see "...access properties are not valid, the packet is 
dropped..."). 

1 0. Regarding claim 7, Green et al. discloses that the routing device is a crossbar 
(Figure 4 label 402, see "Crossbar Switch"). 

1 1 . Regarding claim 8, Green et al. discloses a system for preventing a first partition 
of a partitionable computer system from transmitting a packet to a second partition of 
the partitionable computer system comprising: 

d . A processor of the first partition configured to assemble the packet, the 
packet comprising a source address and a destination address (Abstract, see 
"...router.. .between separate subnets...", i.e. one of the subnets is the first partition; 
Figure 1, see routers coupled to subnets; Paragraph 0045, see "...router logic 
comprise.. .embedded RISC processors ...router logic processes.. .determines new 
packet headers [i.e. assemble the packet], and routes..."; Paragraph 0049, see 
"...the router logic receives a valid IB packet.. .router logic determines if the DLID 
[destination local identifier, i.e. destination address]...further determines if the 
SLID [source local identifier, i.e. source address]..."); 

e. A transmitter in communication with the processor the transmitter 
configured to transmit the packet [Paragraph 0045, see "...router logic. .routes the 
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outgoing packets to the appropriate IB link control logic [i.e. transmitter for 
transmitting the packet]..."); 

f. A routing device that receives the packet Paragraph 0049, see "...the 
router logic receives a valid IB packet... router logic determines if the 
DLID... further determines if the SLID...", i.e. routing device that receives the 
packet) comprising a port (Paragraph 0027, see "...each port is assigned. ..a local 
identifier [LID]...", i.e. Packet comprises DLID and SLID, and the each LID 
comprises a port) and a firewall in communication with the port address 
(Paragraph 0060, see "...LID has been found...router logic [i.e. firewall]. ..runs one 
or more filters.. .filters are programmable tests that are based on selected packet 
header fields and that have programmable outcomes [e.g., whether a counter 
should be incremented, whether a packet should be dropped, whether a packet 
should be passes to the subnet manager]..."; By definition, a firewall permits, 
denies, encrypts, or proxies all computer traffic between different security 
domains based upon a set of rules or other criteria; Paragraph 0056, see 
"...destination GID [DGID] is provided to a 'lookup table'..."; Paragraph 0059, see 
"...router logic tests the results of the table lookup to determine if a match was 
found...", i.e. firewall in communication with the port address). 

1 2. Regarding claim 9, Green et al. discloses that the routing device is a crossbar 
(Figure 4 label 402, see "Crossbar Switch"). 

1 3. Regarding claim 1 0, Green et al. discloses that the firewall comprises a routing 
table of allowed destination addresses (Paragraph 0056, see "...destination GID [DGID] is 
provided to a 'lookup table'..."; Paragraph 0059, see "...router logic tests the results of the 
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table lookup to determine if a match was found...", i.e. lookup table is comprised of 
allowed destination addresses since a match to the DGID of the current has to be found 
in order to route the packet). 

1 4. Regarding claim 1 1 , Green et al. discloses that the firewall comprises a bit mask 
(Paragraph 0056, see "...table is...implemented as a B-tree search in parallel with a hash 
table index search [i.e. bit mask] to minimize the number of lookups..."). 

1 5. Regarding claim 1 2, Green et al. discloses that the routing device is configured to 
drop the packet when the firewall determines the destination address is not allowed to 
receive the packet {Paragraph 0059, see "...router logic verifies the access properties of 
the SGID and DGID [e.g. whether they are in the same partition and are allowed to 
communicate with each other]..."; Paragraph 0059, see "...access properties are not valid 
[i.e. destination address is not allowed to receive the packet], the packet is dropped..."). 

1 6. Regarding claim 1 5, Green et al. discloses a routing device in communication 
with a first partition of a partitionable computer system configured to prevent the 
transmission of a packet between the first partition and a second partition comprising: 

g. A port in communication with the first partition (Abstract, see 
"...router.. .between separate subnets...", i.e. one of the subnets is the first partition; 
Figure 1 , see routers coupled to subnets; Routers inherently have ports to 
communicate with each subnet) configured to receive the packet the packet 
having a source address and a destination address [Paragraph 0049, see "...the 
router logic receives a valid IB packet.-.router logic determines if the DLID 
[destination local identifier, i.e. destination address]. ..further determines if the 
SLID [source local identifier, i.e. source address]..."); 
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h. A firewall associated with the port [Paragraph 0060, see "...LID has been 
found. ..router logic [i.e. firewall]... runs one or more filters.. .filters are 
programmable tests that are based on selected packet header fields and that 
have programmable outcomes [e.g., whether a counter should be incremented, 
whether a packet should be dropped, whether a packet should be passes to the 
subnet manager]..."; By definition, a firewall permits, denies, encrypts, or proxies 
all computer traffic between different security domains based upon a set of rules 
or other criteria; Paragraph 0056, see "...destination GID [DGID] is provided to a 
'lookup table'..."; Paragraph 0059, see "...router logic tests the results of the table 
lookup to determine if a match was found...", Figure 4 labels 408 coupled to 
labels 404 and 406, i.e. firewalls associated with ports). 

1 7. Regarding claim 1 6, Green et al. discloses that the firewall comprises a routing 
table of allowed destination addresses [Paragraph 0056, see "...destination GID [DGID] is 
provided to a 'lookup table'..."; Paragraph 0059, see "...router logic tests the results of the 
table lookup to determine if a match was found... ", i.e. lookup table is comprised of 
allowed destination addresses since a match to the DGID of the current has to be found 
in order to route the packet). 

1 8. Regarding claim 1 7, Green et al. discloses that the firewall comprises a bit mask 
(Paragraph 0056, see "...table is...implemented as a B-tree search in parallel with a hash 
table index search [i.e. bit mask] to minimize the number of lookups..."). 

1 9. Regarding claim 1 8, Green et al. discloses that firewall is configured to drop the 
packet when the firewall determines the destination address is not allowed to receive 
the packet (Paragraph 0059, see "...router logic verifies the access properties of the SGID 
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and DGID [e.g. whether they are in the same partition and are allowed to communicate 
with each other]..."; Paragraph 0059, see "...access properties are not valid [i.e. 
destination address is not allowed to receive the packet], the packet is dropped..."). 

Claim Rejections - 35 USC § 103 

20. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented 
and the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2 1 . Claims 5, 6, 1 3, 1 4, and 1 9 rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Green et al., as applied to claims 1, 8, and 1 5 respectively above, and further in 
view of Baehr et al. (US 5,884,025). 

22. Regarding claim 5, 1 3, and 1 9, Green et al. discloses a transmitter, as shown 
above, but does not specifically disclose a transmitter configured to send (or transmit) 
and error message to the source address of the packet when the packet is dropped. 

However, Baehr et al. discloses a screening system in which transmitted packets 
may be dropped with or without an error message generated to the sender of the 
packet (Column 7 lines 10-15). This helps prevent attacks on the system (Column 7 lines 
16-17). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the applicant's invention was made to incorporate the teachings of Baehr et al. into 
Green et al. in order to help prevent attacks on the system. 
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23. Regarding claims 6 and 1 4, Green et al. in view of Baehr et al. discloses that an 
error message may or may not be generated to a sender in the case of a dropped 
packet but does not specifically disclose generating a time out by the source address 
when a response to the packet is not received within a specified time period. 

However, it is well known in the art for a sender (i.e. source address] to await a 
response to a transmission for only a predetermined amount of time (i.e. time out\ in 
order to prevent the sender from having to wait forever to receive a response when the 
sender could be performing other processes. In the case of Green et al. in view of Baehr 
et al., if no error message is generated to the sender if a packet is dropped, then the 
sender has to have some way to know when to move on to other processes. 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the applicant's invention was made to modify the system of Green et al. in view of 
Baehr et al. to include a time out when no response is received within a specified time 
period in order to prevent the sender from having to wait forever to receive a response 
when the sender could be performing other processes. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to OTIS L THOMPSON, JR whose telephone number is 
(571)270-1953. The examiner can normally be reached on Monday to Thursday 7:30 
am to 5:00 pm EST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Chirag Shah can be reached on (57 1 J272-3 1 44. The fax phone number for 
the organization where this application or proceeding is assigned is 57 1-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status information 
for unpublished applications is available through Private PAIR only. For more 
information about the PAIR system, see http://pair-direct.uspto.gov. Should you have 
questions on access to the Private PAIR system, contact the Electronic Business Center 
(EBC) at 866-2 1 7-9 1 97 (toll-free). If you would like assistance from a USPTO Customer 
Service Representative or access to the automated information system, call 800-786- 
9 1 99 (IN USA OR CANADA) or 57 1 -272-1 000. 

/Otis L Thompson, Jr./ 
Examiner, Art Unit 2619 

May 8, 2008 

/Chirag G Shah/ 

Supervisory Patent Examiner, Art Unit 26 1 9 



